path: root/lib
Commit message  [Author, Age, Files, Lines]
...
* | Adding SSL::Host-level support for managing the terminus and  [Luke Kanies, 2008-04-17, 6 files, -21/+66]
| |   cache classes. Also, defaulting to the :file terminus for all of the SSL classes.
* | Fixing the CA so it actually automatically generates its certificate.  [Luke Kanies, 2008-04-17, 1 file, -7/+8]
| |
* | The certificate authority now uses a Host instance named 'ca'.  [Luke Kanies, 2008-04-17, 1 file, -65/+26]
| |   It previously was a subclass of Host, but this should make it easier to separate between the thing doing the signing and the thing managing the necessary files.
* | Changing all of the SSL terminus classes to treat CA files specially.  [Luke Kanies, 2008-04-17, 8 files, -53/+139]
| |   This is a kind of weird design situation. For instance, we've got a collection of certificates in the :certdir, but then there's a special CA certificate off by itself. Rather than build a whole separate infrastructure for managing those separate files (cert and key, at least), I decided to add special support for specifying where to find the CA-specific bits, and then code for handling them when necessary. This requires that we have a standard way of knowing whether we should be managing the CA bits or normal host files. The Puppet::SSL::Host class now has a 'ca_name' method that returns the string we're using for the CA name; this name is currently 'ca'. We have to use a name, because the name is the only thing that all methods have access to (e.g., when trying to 'find' the right cert, we only have the name available). What this means is that if you want access to the CA key or cert, then create a Puppet::SSL::Host instance with the name 'ca'. You'll still get the CA cert created with the host's :certname; it will just be stored in a different location.
* | The 'destroy' method for the ssl_file terminus base class  [Luke Kanies, 2008-04-16, 1 file, -1/+1]
| |   now returns false on missing files, rather than failing.
* | Removing all the cases where the ssl host specifies  [Luke Kanies, 2008-04-16, 1 file, -70/+18]
| |   a terminus. Also, getting rid of some metaprogramming that wasn't really helping.
* | Making the first pass at using requests instead of  [Luke Kanies, 2008-04-15, 8 files, -64/+30]
| |   specifying the terminus class. The individual ssl classes now work, but the ssl host class doesn't yet.
* | Adding a :to_text method that will convert the contained  [Luke Kanies, 2008-04-15, 1 file, -0/+6]
| |   thing to readable human text.
* | Actually signing the certificates in the CA.  [Luke Kanies, 2008-04-15, 1 file, -0/+1]
| |
* | Adding the first attempt at managing the certificate  [Luke Kanies, 2008-04-15, 1 file, -0/+72]
| |   revocation list.
* | Adding a :search method to the ssl_file terminus type  [Luke Kanies, 2008-04-15, 2 files, -0/+31]
| |   and the SSL::Host class.
* | We have a basically functional CA -- it can sign  [Luke Kanies, 2008-04-15, 7 files, -19/+54]
| |   requests and return certificates. There's still plenty more work to do, but I'm probably not much more than a day away from redoing puppetca to use this code.
* | Adding tests for the easy bits of the CertificateFactory.  [Luke Kanies, 2008-04-15, 1 file, -5/+14]
| |   I probably am going to skip the tests for the rest, since the code is unlikely to ever change, and it's going to be a royal pain to test.
* | Adding tests for the certificate serial numbers  [Luke Kanies, 2008-04-15, 1 file, -10/+10]
| |
* | The certificate authority is now functional and tested.  [Luke Kanies, 2008-04-15, 2 files, -26/+27]
| |
* | This is a first pass at the certificate authority.  [Luke Kanies, 2008-04-15, 4 files, -48/+356]
| |   The tests are basically entirely absent still, but the structure is all there.
* | It looks like all of the new ssl classes for managing  [Luke Kanies, 2008-04-15, 7 files, -20/+105]
| |   keys, certificates, and requests now work, including talking to the certificate authority. Now we just need the authority itself, along with the necessary REST terminii.
* | Adding the last of the indirection classes for the ssl  [Luke Kanies, 2008-04-15, 7 files, -5/+29]
| |   classes, finally including the certificate requests.
* | The certificate and key are now correctly interacting  [Luke Kanies, 2008-04-15, 3 files, -26/+30]
| |   with the existing cert/key store. Certificate requests are not yet handled, nor are the ca-specific collections.
* | Removing obsolete indirection classes  [Luke Kanies, 2008-04-15, 2 files, -38/+0]
| |
* | The basics for the certificate and certificate request  [Luke Kanies, 2008-04-15, 7 files, -38/+127]
| |   indirection terminii are done. I need to move most of the test code to a shared behaviour now.
* | The new SSL classes basically work, but they're not  [Luke Kanies, 2008-04-15, 5 files, -1/+90]
| |   functionally connected to any kind of indirection.
* | Finished the certificate request wrapper class.  [Luke Kanies, 2008-04-15, 1 file, -0/+27]
| |
* | First stage of cert refactoring: Private  [Luke Kanies, 2008-04-15, 2 files, -0/+72]
| |   keys kind of work.
* | Fixing whitespace problems.  [Luke Kanies, 2008-04-15, 1 file, -18/+18]
| |
* | Adding the necessary tests for webrick to have logging and  [Luke Kanies, 2008-04-15, 1 file, -1/+73]
| |   ssl. The tests can't be completed until the certificate work is all done.
* | Merge branch '0.24.x'  [Luke Kanies, 2008-04-11, 11 files, -88/+156]
|\|   Conflicts: spec/unit/network/server.rb
| * Fixishing some pending tests, including filling in  [Luke Kanies, 2008-04-11, 1 file, -2/+2]
| |   the connection information.
| * Making the changes necessary to get the REST support  [Luke Kanies, 2008-04-11, 1 file, -8/+8]
| |   to work with the current state of the indirection work, including using a request object and an expiration date.
| * The 'destroy' method in the indirection now returns  [Luke Kanies, 2008-04-11, 1 file, -2/+2]
| |   the results of destroying, so they can return true or false.
| * fill out specs for network_* methods; refactor lowest-level network hooks  [Rick Bradley, 2008-04-11, 1 file, -4/+8]
| |
| * adding rest_connection_details helper to Indirector::REST -- will need to be  [Rick Bradley, 2008-04-11, 1 file, -0/+5]
| |   overridden to look up the real connection details
| * removed a debugging helper from the Indirector::Rest#save method  [Rick Bradley, 2008-04-11, 1 file, -3/+1]
| |
| * adding REST save support, with integration tests. A handful of unit tests  [Rick Bradley, 2008-04-11, 2 files, -18/+21]
| |   in that area now need to be updated.
| * disabling caching for Puppet::Indirector::Indirection as it was causing  [Rick Bradley, 2008-04-11, 1 file, -1/+0]
| |   hella problems with testing save without caching; judging by luke's blog this is going to be rewritten somehow anyway
| * work-in-progress; playing with refactoring network_* methods inside  [Rick Bradley, 2008-04-11, 1 file, -2/+11]
| |   Indirector::REST
| * Added support for destroy/DELETE over REST (including units & integrations  [Rick Bradley, 2008-04-11, 1 file, -8/+27]
| |   on both webrick & mongrel). Added pending specs for the trivialities in the REST network_fetch and network_delete methods. Refactored YAML exception detection out into a private helper method.
| * making search work over REST, w/ unit & integration specs  [Rick Bradley, 2008-04-11, 2 files, -4/+2]
| |
| * unit specs and implementation for Indirector::REST#search method  [Rick Bradley, 2008-04-11, 1 file, -0/+8]
| |
| * Make mongrel happy like WEBrick.  [Rick Bradley, 2008-04-11, 2 files, -7/+4]
| |   Refactored specs to put some of the lower-level find/save/search/destroy unit tests under their own contexts.
| * exceptions on remote end now properly passed to local end via REST and  [Rick Bradley, 2008-04-11, 1 file, -1/+1]
| |   re-raised (integration-tested)
| * Much larger commit than I would like to land at once. This is all  [Rick Bradley, 2008-04-11, 5 files, -24/+42]
| |   REST-related code. Two specs are failing related to how Mongrel is initialized for REST; will fix those shortly. REST indirector now supports find, with deserialization. Network code in indirector now. Will still need to un-hardwire address/port for outbound connections. Will still need to urlencode path parameters. Code for search, destroy, update is coming, should be similar to find. Reworked how the Handler module is used. Needed to be included, rather than inherited. Needed to sidestep initializers for actual web servers (webrick, mongrel), needed to be possible to have handler-including class be used as a class (aka servlet) instead of as an instance. Webrick handler registration is now abstracted to "above" the servlet. Provided a #model method to use instead of @model in handler module. This allows neutering during testing. Brought class_for_protocol up into http/webrick class as a (tested) class method. Integration tests for rest indirection. Split server integration tests into mongrel and webrick tests. Got Node/REST working properly wrt the crazy-ass autoloader thing. We're now actually passing traffic w/ webrick, fwiw.
| * fixing Puppet::Node::REST class name to work with autoloader inflection  [Rick Bradley, 2008-04-11, 1 file, -1/+1]
| |   (Puppet::Node::Rest), so we can do Puppet::Node.terminus_class = :rest
| * This is the first version where mongrel and webrick are reliably startable  [Rick Bradley, 2008-04-11, 6 files, -19/+44]
| |   and stoppable via Puppet::Network::Server. Added a network/server integration spec, testing startup, shutdown, reachability, and collision of webrick and mongrel servers in the new network code. Converted Puppet::Network::HTTP::Handler class to a module, as mongrel Handler should be subclassed; converting subclasses to include the module instead. Mongrel will actually stop if you .stop it, graceful_shutdown didn't seem quite so reliable. Webrick requires running in its own Thread to avoid hanging the entire process; this requires introduction of a Mutex to make things safe. We're only supporting the REST protocol. Made this explicit. Fixed http server setup args, w/ specs, ah the glory of integration testing.
| * the indirector will not serve xmlrpc (this is the responsibility of the  [Rick Bradley, 2008-04-11, 4 files, -12/+0]
| |   legacy networking code; it was a mistake to include stubbed support for it in the new code); removing
| * removing obsolete TODO comment  [Rick Bradley, 2008-04-11, 1 file, -1/+0]
| |
| * puppet-compliant indentation  [Rick Bradley, 2008-04-11, 1 file, -22/+22]
| |
* | Merge branch '0.24.x'  [Luke Kanies, 2008-04-11, 45 files, -556/+410]
|\|
| * Resources now return the 'should' value for properties from  [Luke Kanies, 2008-04-11, 1 file, -7/+3]
| |   the [] accessor method (they previously threw an exception when this method was used with properties). This shouldn't have any effect functionally; it just makes the method equivalent to 'should' for properties, but it works for all attribute types now.
| * Modified the 'master' handler to use the Catalog class to  [Luke Kanies, 2008-04-11, 4 files, -218/+11]
| |   compile node configurations, rather than using the Configuration handler, which was never used directly. I removed the Configuration handler as a result. Modified the 'master' handler (responsible for sending configurations to clients) to always return Time.now as its compile date, so configurations will always get recompiled.